🔥 3-day streak
Microsoft Cybersecurity Architect Expert14 / 158
Question 14 of 158

A financial services organization uses Microsoft 365 E5 and has enabled Microsoft Defender for Cloud Apps. Security discovers that employees are uploading customer data to numerous unsanctioned SaaS applications, and that several OAuth-connected third-party apps have been granted broad Microsoft Graph permissions (such as Mail.ReadWrite and Files.ReadWrite.All) without IT review. The security architect must design a solution that (1) surfaces and blocks risky cloud app usage discovered from network traffic, and (2) continuously monitors and can automatically revoke over-privileged or malicious OAuth app grants against Microsoft 365. Which combination of Defender for Cloud Apps capabilities should the architect implement?

Reviewed for accuracy · Report an issueNext question